Certificate Services

Active Directory Certificate Services role services are managed by using MMC snap-ins. The following table lists the tools you have used throughout this lessons, most of which are available from within Server Manager. Use the buttons below to navigate through the lesson The snap-ins listed in table can be installed by using Server Manager and…

If you decided to use online responders, you will need to finalize their configuration. Online responders can create an array of systems to provide high availability for the service. An array can be as simple as two CAs acting as ORs (Online Responders), or it can include many more servers. Use the buttons below to…

Now you’re ready to configure enrollment. This is done through Group Policy. You can choose either to create a new Group Policy for this purpose or to modify an existing Group Policy object. This policy must be assigned to all members of the domain; therefore, the Default Domain Policy might be your best choice or,…

Certificate templates are used to generate the certificates you will use in your AD CS configuration. Enterprise CAs use version 2 and 3 templates. These templates are configurable and enable you to personalize them. Use the buttons below to navigate through the lesson To prepare templates for various uses, you must first configure each template you…

After you have deployed your servers, you still need to complete several configurations to begin using them to issue and manage certificates to users and devices. Several activities are required: Use the buttons below to navigate through the lesson To issue and maintain certificates, you must finalize the configuration of your issuing CAs. For your…

Now, you will obtain the certificate to complete the installation of the issuing CA. You should normally perform this procedure offline using a removable storage device such as a floppy disk or a USB flash drive, but for the purpose of this exercise, you will use a shared folder to transfer the certificate request and…

Right click Roles. Select Add Roles. Click Next. Select Active Directory Certificate Services and click Next. Click Next. Use the buttons below to navigate through the lesson Select Certification Authority and Online Responder and click Next. When Online Responder is selected Web role services need to be added as well. Click Add required Role Services. Click Next. Select Enterprise and…

In most cases, you will install at least a two-tiered structure, installing first a standalone, then an enterprise CA. In larger organizations, you will deploy several tiers and install several servers in each tier except for the root. Servers hosting the AD CS role should be configured with the following capabilities whether they are physical or…